drop Handshake keys as soon as the handshake completes (as a server)

2025-04-03 20:27:35 +03:00 · 2019-11-22 10:58:16 +08:00 · 2019-11-22 10:58:16 +08:00 · f7fd5d2848
commit f7fd5d2848
parent 08ec2f69fc
5 changed files with 27 additions and 0 deletions
--- a/internal/handshake/crypto_setup.go
+++ b/internal/handshake/crypto_setup.go
@ -563,6 +563,15 @@ func (h *cryptoSetup) dropInitialKeys() {
 	h.logger.Debugf("Dropping Initial keys.")
 }

+func (h *cryptoSetup) DropHandshakeKeys() {
+	h.mutex.Lock()
+	h.handshakeOpener = nil
+	h.handshakeSealer = nil
+	h.mutex.Unlock()
+	h.runner.DropKeys(protocol.EncryptionHandshake)
+	h.logger.Debugf("Dropping Handshake keys.")
+}
+
 func (h *cryptoSetup) GetInitialSealer() (LongHeaderSealer, error) {
 	h.mutex.Lock()
 	defer h.mutex.Unlock()
--- a/internal/handshake/interface.go
+++ b/internal/handshake/interface.go
@ -73,6 +73,7 @@ type CryptoSetup interface {

 	HandleMessage([]byte, protocol.EncryptionLevel) bool
 	SetLargest1RTTAcked(protocol.PacketNumber)
+	DropHandshakeKeys()
 	ConnectionState() tls.ConnectionState

 	GetInitialOpener() (LongHeaderOpener, error)
--- a/internal/mocks/crypto_setup.go
+++ b/internal/mocks/crypto_setup.go
@ -76,6 +76,18 @@ func (mr *MockCryptoSetupMockRecorder) ConnectionState() *gomock.Call {
 	return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "ConnectionState", reflect.TypeOf((*MockCryptoSetup)(nil).ConnectionState))
 }

+// DropHandshakeKeys mocks base method
+func (m *MockCryptoSetup) DropHandshakeKeys() {
+	m.ctrl.T.Helper()
+	m.ctrl.Call(m, "DropHandshakeKeys")
+}
+
+// DropHandshakeKeys indicates an expected call of DropHandshakeKeys
+func (mr *MockCryptoSetupMockRecorder) DropHandshakeKeys() *gomock.Call {
+	mr.mock.ctrl.T.Helper()
+	return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "DropHandshakeKeys", reflect.TypeOf((*MockCryptoSetup)(nil).DropHandshakeKeys))
+}
+
 // Get1RTTOpener mocks base method
 func (m *MockCryptoSetup) Get1RTTOpener() (handshake.ShortHeaderOpener, error) {
 	m.ctrl.T.Helper()
--- a/session.go
+++ b/session.go
@ -51,6 +51,7 @@ type cryptoStreamHandler interface {
 	RunHandshake()
 	ChangeConnectionID(protocol.ConnectionID)
 	SetLargest1RTTAcked(protocol.PacketNumber)
+	DropHandshakeKeys()
 	io.Closer
 	ConnectionState() tls.ConnectionState
 }
@ -610,6 +611,7 @@ func (s *session) handleHandshakeComplete() {
 			s.closeLocal(err)
 		}
 		s.queueControlFrame(&wire.NewTokenFrame{Token: token})
+		s.cryptoStreamHandler.DropHandshakeKeys()
 		s.queueControlFrame(&wire.HandshakeDoneFrame{})
 	}
 }
--- a/session_test.go
+++ b/session_test.go
@ -1204,6 +1204,7 @@ var _ = Describe("Session", func() {
 			defer GinkgoRecover()
 			<-finishHandshake
 			cryptoSetup.EXPECT().RunHandshake()
+			cryptoSetup.EXPECT().DropHandshakeKeys()
 			close(sess.handshakeCompleteChan)
 			sess.run()
 		}()
@ -1256,6 +1257,7 @@ var _ = Describe("Session", func() {
 		go func() {
 			defer GinkgoRecover()
 			cryptoSetup.EXPECT().RunHandshake()
+			cryptoSetup.EXPECT().DropHandshakeKeys()
 			close(sess.handshakeCompleteChan)
 			sess.run()
 		}()
@ -1506,6 +1508,7 @@ var _ = Describe("Session", func() {
 			go func() {
 				defer GinkgoRecover()
 				cryptoSetup.EXPECT().RunHandshake().MaxTimes(1)
+				cryptoSetup.EXPECT().DropHandshakeKeys().MaxTimes(1)
 				close(sess.handshakeCompleteChan)
 				err := sess.run()
 				nerr, ok := err.(net.Error)